DES-EDE3-CBC is unsupported after enabling FIPS

Comments

Hello,

After enabling FIPS on RHEL 9, the DES-EDE3-CBC cypher becomes unsupported:

$ openssl enc -des-ede3-cbc -base64 -K 17839778773fadde0066e4578710928988398877bb123789 -iv 0000000000000000 < /dev/null
Error setting cipher DES-EDE3-CBC
808B1AD24E7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (DES-EDE3-CBC : 27), Properties ()

Is the use of this cypher not allowed under FIPS?

For contrast I tried the same on Ubuntu and it is supported there.

Thank you!

Started 2023-09-20T15:35:41+00:00 by

Norberto Arrieta

Newbie 10 points

Responses

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)

Select Your Language

DES-EDE3-CBC is unsupported after enabling FIPS

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links